Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review

Balram Yadav; Sanjiv Tokekar

Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review

Abstract

The internet made an individual’s life very easy and more productive, but there are some associated threats linked to the internet and devices. Malware is considered the most severe threat for decades to the digital world and malware variants identification and classification is the most vital and critical research problem. It is an invasive malicious code that accesses devices, information, and services without the permission, knowledge of the user. Researchers, analysts and antivirus companies are incessantly inventing and implementing new strategies to fight back malware and its variants. In the last decade, one of the strategies is extensively used in the field of malware detection and classification is the deep learning methods using malware visualization. Results revealed that using visualization; malware can be identified, classified more promptly, efficiently, and accurately. Deep learning algorithms vary according to applications, architecture, and uses, so it is required to review and inspect the work based on deep learning to use malware visualization to know the recent approaches and innovations that have been established, to identify problems, current issues, challenges, and of course at the same time to motivate potential research directions. In this effort, an extensive survey of works that utilized deep learning methods using malware image representation, for malware classification is reviewed with a detailed discussion on key methods such as data sets description, malware image representation strategies, and deep learning architectures of parameters, contributions, and limitations. A comparison of the reviewed work is presented based on various key factors.

Keywords

—Deep learning, Deep learning architectures, Image representation, Malware, Malware classification, Malware visualization

References

Malware statistics and Trends Report [online] by AV-test insti- tute, ”https://www.av-test.org/en/statistics/malware/”.
McAfee Labs Threats Report [online] November 2020, ”https://www.mcafee.com/enterprise/en-us/assets/reports/rp- quarterly-threats-nov-2020.pdf”.
L. Nataraj, S. Karthikeyan, G. Jacob, and B. S. Manjunath, ”Malware images: visualization and automatic classification,” In Proceedings of the 8th International Symposium on Vi- sualization for Cyber Security (VizSec ’11), Association for Computing Machinery, New York, NY, USA, Article 4, pp. 17, 2011. DOI:https://doi.org/10.1145/2016904.2016908.
L. Nataraj, V. Yegneswaran, P. Porras, and J. Zhang, ”A compar- ative assessment of malware classification using binary texture analysis and dynamic analysis,” In Proceedings of the 4th ACM workshop on Security and artificial intelligence (AISec ’11), Association for Computing Machinery, New York, NY, USA, pp. 2130, 2011. DOI:https://doi.org/10.1145/2046684.2046689.
K. Han, J. H. Lim, and E. G. Im, ”Malware analysis method using visualization of binary files,” In Proceedings of the 2013 Research in Adaptive and Convergent Systems (RACS ’13), As- sociation for Computing Machinery, New York, NY, USA, pp. 317321, 2013. DOI:https://doi.org/10.1145/2513228.2513294.
A. Makandar and A. Patrot, ”Malware analysis and classifi- cation using Artificial Neural Network,” International Confer- ence on Trends in Automation, Communications and Com- puting Technology (I-TACT-15), Bangalore, pp. 1-6, 2015. DOI:https://doi.org/10.1109/ITACT.2015.7492653.
K. K. Pal and K. S. Sudeep, ”Preprocessing for image classifica- tion by convolutional neural networks,” IEEE International Con- ference on Recent Trends in Electronics, Information & Com- munication Technology (RTEICT), Bangalore, pp. 1778-1781, 2016. DOI:https://doi.org/10.1109/RTEICT.2016.7808140.
M. Kalash, M. Rochan, N. Mohammed, N. D. B. Bruce, Y. Wang and F. Iqbal, ”Malware Classification with Deep Convo- lutional Neural Networks,” 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), Paris, pp. 1-5, 2018. DOI:https://doi.org/10.1109/NTMS.2018.8328749.

Y. Mourtaji, M. Bouhorma, and D. Alghazzawi, ”Intel- ligent Framework for Malware Detection with Convolu- tional Neural Network,” In Proceedings of the 2nd In- ternational Conference on Networking, Information Sys- tems & Security (NISS19), Association for Computing Ma- chinery, New York, NY, USA, Article 7, pp. 16, 2019. DOI:https://doi.org/10.1145/3320326.3320333.
S. Karen and Z. Andrew, ”Very deep convolutional networks for large-scale image recognition,” arXiv preprint, arXiv, 2014. DOI:https://arxiv.org/abs/1409.1556. [11] Z. Cui, F. Xue, X. Cai, Y. Cao, G. Wang and J. Chen, ”Detection of Malicious Code Variants Based on Deep Learning,” In IEEE Transactions on Industrial In- formatics, DOI:https://doi.org/10.1109/TII.2018.2822680. 7, pp. 3187-3196, July 2018.
S. Ni, Q. Qian and R. Zhang, ”Malware identification images vol. Computers DOI:https://doi.org/10.1016/j.cose.2018.04.005. learning,” Security, 77, pp. 871-885, 2018.
A. Singh, A. Handa, N. Kumar, S.K. Shukla, ”Malware Clas- sification Using Image Representation,” In: Dolev S., Hendler D., Lodha S., Yung M. (eds) Cyber Security Cryptography and Machine Learning, CSCML 2019, Lecture Notes in Computer Science, vol. 11527, 2019. DOI:https://doi.org/10.1007/978-3- 030-20951-3 6.
X. Meng et al., ”MCSMGS: Malware Classification Model Based ence on Cyber-Enabled Distributed Computing and Knowl- edge Discovery (CyberC), Nanjing, pp. 272-275, 2017. DOI:https://doi.org/10.1109/CyberC.2017.21. Confer
D. Kornish, J. Geary, V. Sansing, S. Ezekiel, L. Pearlstein and L. Njilla, ”Malware Classification using Deep Convolutional Neural Networks,” 2018 IEEE Applied Imagery Pattern Recog- nition Workshop (AIPR), Washington, DC, USA, pp. 1-6, 2018. DOI:https://doi.org/10.1109/AIPR.2018.8707429. [16] Y. Ding, S. Networks opcode malware detection,” Belief 2016 International Joint Conference on Neural Networks (IJCNN), DOI:https://doi.org/10.1109/IJCNN.2016.7727705. BC, pp. 3901-3908, 2016.
W. Hardy, L. Chen, S. Hou, Y. Ye and X. Li, ”DL 4 MD: A Deep Learning Framework for Intelligent Malware Detection,” 2016.
S. Tobiyama, Y. Yamaguchi, H. Shimada, T. Ikuse and T. Yagi, ”Malware Detection with Deep Neural Network Using Process Behavior,” 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC), Atlanta, GA, pp. 577- 582, 2016. DOI:https://doi.org/10.1109/COMPSAC.2016.151.
B. Dong and X. Wang, ”Comparison deep learning method to traditional methods using for network intrusion detection,” 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN), Beijing, pp. 581-585, 2016. DOI:https://doi.org/10.1109/ICCSN.2016.7586590.
K. D. T. Nguyen, T. M. Tuan, S. H. Le, A. P. Viet, M. Ogawa and N. L. Minh, ”Comparison of Three Deep Learning-based Approaches for IoT Malware Detection,” 2018 10th International Conference on Knowledge and Systems Engineering (KSE), Ho Chi Minh City, pp. 382-388, 2018. DOI:https://doi.org/10.1109/KSE.2018.8573374.
M. Hasan, Md. M. Islam, Md. I. I. Zarif, M.M.A. Hashem, ”Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches,” Internet of Things, vol. 7, 2019. DOI:https://doi.org/10.1016/j.iot.2019.100059.
H. Naeem, ”Detection of Malicious Activities in Internet of Things Environment Based on Binary Visualization and Machine Intelligence,” Wireless Pers Communication 108, pp. 26092629, 2019. DOI:https://doi.org/10.1007/s11277-019- 06540-6.
E. Kabanga and C. Kim, ”Malware Images Classification Using Convolutional Neural Network”, Journal of Com- puter and Communications, vol. 6, pp. 153-158, 2018. DOI:https://doi.org/10.4236/jcc.2018.61016.
D. Li and D. Yu, ”Deep Learning: Methods and Applications,” Foundations and Trends R in Signal Processing, 7(34), pp. 197387, June 2014. DOI:https://doi.org/10.1561/2000000039.
W. Liu, Z. Wang, X. Liu, N. Zeng, Y. Liu, F. E. Alsaadi, ”A survey of deep neural network architectures and their applications,” Neurocomputing, vol. 234, pp. 11-26, 2017. DOI:https://doi.org/10.1016/j.neucom.2016.12.038.
K. Donghwoon, K. Hyunjoo, K. Jinoh, S. Sang, K. Ikkyun and K. Kuinam, ”A survey of deep learning-based network anomaly detection,” Cluster Computing, vol. 22, pp. 949961, 2019. DOI:https://doi.org/10.1007/s10586-017-1117-8.
J. Yang , J. Deng , S. Li et al., ”Improved traffic detec- tion with support vector machine based on restricted Boltz- mann machine,” Soft Computing, vol. 21, pp. 31013112, 2017. DOI:https://doi.org/10.1007/s00500-015-1994-9.
S. C. Hsiao, D. Y. Kao, Z. Liu, R. Tso, ”Malware Image Clas- sification Using One-Shot Learning with Siamese Networks,” Procedia Computer Science, vol. 159, pp. 1863-1871, 2019. DOI:https://doi.org/10.1016/j.procs.2019.09.358.
Y. Wang, J. An and W. Huang, ”Using CNN-based Represen- tation Learning Method for Malicious Traffic Identification,” 2018 IEEE/ACIS 17th International Conference on Computer and Information Science (ICIS), Singapore, pp. 400-404, 2018. DOI:https://doi.org/10.1109/ICIS.2018.8466404.
W. Wang, M. Zhu, X. Zeng, X. Ye and Y. Sheng, ”Mal- ware traffic classification using convolutional neural network for representation learning,” 2017 International Conference on Information Networking (ICOIN), Da Nang, pp. 712-717, 2017. DOI:https://doi.org/10.1109/ICOIN.2017.7899588. [34] M. Kumari, G. Hsieh and Learning Approach to Malware Multi-class Classification Using Image Processing Techniques,” 2017 International Conference on Computational Science and Computational Intelligence (CSCI), Las Vegas, NV, pp. 13-18, 2017. DOI:https://doi.org/10.1109/CSCI.2017.3. Okonkwo, ”Deep
M. Jain, W. Andreopoulos and M. Stamp, ”Convolutional neural networks and extreme learning machines for malware classi- fication,” J Comput Virol Hack Tech 16, pp. 229244, 2020. DOI:https://doi.org/10.1007/s11416-020-00354-y.
H. Naeem, U. Farhan, N. M. Rashid, K. Shehzad, V. Dan- ish, J. Sohail and S. Saqib, ”Malware Detection in Indus- trial Internet of Things based on Hybrid Image Visualization and Deep Learning Model,” Ad Hoc Networks 105, 2020. DOI:https://doi.org/10.1016/j.adhoc.2020.102154.
G. S. Kumar, P. Bagane, ”Detection Of Malware Using Deep Learning Techniques,” International journal of scientific & technology research, vol. 9, issue 01, pp. 1688-1691, January 2020.
D. Vasan, M. Alazab, S. Wassan, B. Safaei, Q. Zheng, ”Image- Based malware classification using ensemble of CNN archi- tectures (IMCEC),” Computers & Security, vol. 92, 2020. DOI:https://doi.org/10.1016/j.cose.2020.101748.
JY. Kim, SJ. Bu, SB. Cho, ”Malware Detection Using Deep Transferred Generative Adversarial Networks,” In: Liu D., Xie S., Li Y., Zhao D., El-Alfy ES. (eds) Neural Information Processing, - 24th International Conference, ICONIP 2017, vol. 10634 , pp. 556-564, 2017. DOI:https://doi.org/10.1007/978-3- 319-70087-8 58.
K. Sudhakar and K. Sushil, ”An emerging threat Fileless malware: a survey and research challenges,” Cybersecurity, vol. 3, no. 1, 2020. DOI:https://doi.org/10.1186/s42400-019-0043-x.

Details

Primary Language

English

Subjects

-

Journal Section

-

Authors

Balram Yadav This is me

Sanjiv Tokekar This is me

Publication Date

December 1, 2020

Submission Date

-

Acceptance Date

-

Published in Issue

Year 2020 Volume: 9 Number: 4

IZ

https://izlik.org/JA53FR94MX

Cite

RIS / Bibtex

APA

Yadav, B., & Tokekar, S. (2020). Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review. International Journal of Information Security Science, 9(4), 230-247. https://izlik.org/JA53FR94MX

AMA

1.Yadav B, Tokekar S. Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review. IJISS. 2020;9(4):230-247. https://izlik.org/JA53FR94MX

Chicago

Yadav, Balram, and Sanjiv Tokekar. 2020. “Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review”. International Journal of Information Security Science 9 (4): 230-47. https://izlik.org/JA53FR94MX.

EndNote

Yadav B, Tokekar S (December 1, 2020) Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review. International Journal of Information Security Science 9 4 230–247.

IEEE

[1]B. Yadav and S. Tokekar, “Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review”, IJISS, vol. 9, no. 4, pp. 230–247, Dec. 2020, [Online]. Available: https://izlik.org/JA53FR94MX

ISNAD

Yadav, Balram - Tokekar, Sanjiv. “Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review”. International Journal of Information Security Science 9/4 (December 1, 2020): 230-247. https://izlik.org/JA53FR94MX.

JAMA

1.Yadav B, Tokekar S. Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review. IJISS. 2020;9:230–247.

MLA

Yadav, Balram, and Sanjiv Tokekar. “Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review”. International Journal of Information Security Science, vol. 9, no. 4, Dec. 2020, pp. 230-47, https://izlik.org/JA53FR94MX.

Vancouver

1.Balram Yadav, Sanjiv Tokekar. Recent Innovations and Comparison of Deep Learning Techniques in Malware Classification : A Review. IJISS [Internet]. 2020 Dec. 1;9(4):230-47. Available from: https://izlik.org/JA53FR94MX